PUBLIC SERVICE ANNOUNCEMENT: 2FA NOW MANDATORY - YOU DON'T NEED A PHONE NUMBER FFS

[Tacgnol]

You can verify your own passwords using a password manager or Google's password manager for leaked or repeated passwords. But if everyone did that, there'd be nothing to talk about.

It would also help if people used different passwords per site. I thought Codexers, being generally concerned about their privacy, would pay more attention to password hygiene but apparently not.

 

[Twiglard]

You can verify your own passwords using a password manager or Google's password manager for leaked or repeated passwords. But if everyone did that, there'd be nothing to talk about.

It would also help if people used different passwords per site. I thought Codexers, being generally concerned about their privacy, would pay more attention to password hygiene but apparently not.

Without a password manager, using unique per-site passwords is too difficult. It took quite a few site database leaks in a short time for me to bite the bullet and start using Bitwarden. Before that I had 3-4 passwords, used depending on the importance of given account. Remembering 20 or more passwords that aren't just variants of a single one with a few characters thrown at the end exceeds the capabilities of my brain.

 

[Tacgnol]

You can verify your own passwords using a password manager or Google's password manager for leaked or repeated passwords. But if everyone did that, there'd be nothing to talk about.

It would also help if people used different passwords per site. I thought Codexers, being generally concerned about their privacy, would pay more attention to password hygiene but apparently not.

Without a password manager, using unique per-site passwords is too difficult. It took quite a few site database leaks in a short time for me to bite the bullet and start using Bitwarden. Before that I had 3-4 passwords, used depending on the importance of given account. Remembering 20 or more passwords that aren't just variants of a single one with a few characters thrown at the end exceeds the capabilities of my brain.

Yep, it's why I'm generally a proponent of password managers.

 

[GrafvonMoltke]

Shilling Bitwarden huh? Next it'll RAID SHADOW LEGENDS or NORD VPN

 

[Jaedar]

Didn't have issue with needing to do 2fa again today... :itisamystery:

 

[Nano]

This was a long time coming, but I'm surprised that apparently even DU didn't use 2FA before this.

Edit: oh, DarkPatriot, not DU.

 

[Semiurge]

Two days of succesful authorisation in a row, I will do things exactly the same for some time and if things go smooth during that time, I'll slowly begin to make some changes to see if the malfunction was caused by some known factor.

 

[Haba]

This was a long time coming, but I'm surprised that apparently even DU didn't use 2FA before this.

Edit: oh, DarkPatriot, not DU.

Well, have you seen DU posting since the MFA requirement?

Clearly he couldn't figure it out yet...

 

[Roguey]

Without a password manager, using unique per-site passwords is too difficult. It took quite a few site database leaks in a short time for me to bite the bullet and start using Bitwarden. Before that I had 3-4 passwords, used depending on the importance of given account. Remembering 20 or more passwords that aren't just variants of a single one with a few characters thrown at the end exceeds the capabilities of my brain.

I use a unique password for every site I use. I have a password text file so of course if my own PC gets hacked everything gets compromised.

 

[Hobo Elf]

Without a password manager, using unique per-site passwords is too difficult. It took quite a few site database leaks in a short time for me to bite the bullet and start using Bitwarden. Before that I had 3-4 passwords, used depending on the importance of given account. Remembering 20 or more passwords that aren't just variants of a single one with a few characters thrown at the end exceeds the capabilities of my brain.

I use a unique password for every site I use. I have a password text file so of course if my own PC gets hacked everything gets compromised.

This, except I have a little phyiscal notebook for my passwords. I use a unique pw for everything, which also includes a crapful of work related things as well.

 

[Lady Error]

Without a password manager, using unique per-site passwords is too difficult. It took quite a few site database leaks in a short time for me to bite the bullet and start using Bitwarden. Before that I had 3-4 passwords, used depending on the importance of given account. Remembering 20 or more passwords that aren't just variants of a single one with a few characters thrown at the end exceeds the capabilities of my brain.

I use a unique password for every site I use. I have a password text file so of course if my own PC gets hacked everything gets compromised.

Encrypt the text file itself with a password.

 

[Spectral Pontifex]

You guys don't use a different password and email for everything?

 

[lukaszek]

Without a password manager, using unique per-site passwords is too difficult. It took quite a few site database leaks in a short time for me to bite the bullet and start using Bitwarden. Before that I had 3-4 passwords, used depending on the importance of given account. Remembering 20 or more passwords that aren't just variants of a single one with a few characters thrown at the end exceeds the capabilities of my brain.

I use a unique password for every site I use. I have a password text file so of course if my own PC gets hacked everything gets compromised.

Encrypt the text file itself with a password.

and then realize you can just use keepass. we did it boyz

 

[GrafvonMoltke]

I just write my passwords on little scraps of paper and I'll just eat them when the FBI come

 

[Tacgnol]

Shilling Bitwarden huh? Next it'll RAID SHADOW LEGENDS or NORD VPN

Bitwarden is pretty decent to be fair.

 

[Lord of Riva]

There's no such addon

https://xenforo.com/community/resources/flood-permissions.6800/
Provides user group permissions for the following post rate limiting options:
Delete - General rate limiting - delay between [deleting] posts in seconds

I don't understand how any of this shit works in the first place so apologies if I'm being a nuisance rather than helpful (j/k I've never been helpful in my life) but this kinda sounds like such addon

Congrats, looks like you found one. But even with deletion instances time limited, someone with a script could still play the long game and delete a lot of posts over a longer period and be even harder to notice. So it wouldn't solve the problem, it'd just extend it over a longer period. My choice would be either limit post deletion to something like 2 hours, or disable it altogether. Any legit need for post deletion could be asked of the mods by using the report post function. Probably half of the deleted posts here are basically people who instead of editing their post, just delete it and make a new one with the same contents.

Yeah, just make it as inconvenient for the users as possible so you can remain lazy. I mean, if you really cared about edge cases you would have thought about a solution when you moved the forum software, can't have that though, would be effort.

Long-story short: You just want this shit, because you think it's easy, solves your issue and it's irrelevant if it's shit for the users, who cares and all.
Daym, at least it's not user generated drama.

 

[Roguey]

Encrypt the text file itself with a password.

Too much effort for my tastes. In my nearly-30 years on the internet, I've never been hacked. There's always a possibility it could happen, but it seems like a low one. I know not to click on suspicious links or emails or fall for fear-scams.

 

[Lord of Riva]

Encrypt the text file itself with a password.

Too much effort for my tastes. In my nearly-30 years on the internet, I've never been hacked. There's always a possibility it could happen, but it seems like a low one. I know not to click on suspicious links or emails or fall for fear-scams.

If some shit-head really, really wants too he will most likely find a hole in your defense anyways. As long as you are somewhat internet literate you are relatively safe, full safety is an illusion anyways.

 

[Taluntain]

Which browsers in 2023 don't have an integrated pass manager / login saving that you all need to store them separately? Firefox has even had a function to generate unique strong passwords for individual logins for years now, which takes all the legwork out of it.

 

[lukaszek]

Which browsers in 2023 don't have an integrated pass manager / login saving that you all need to store them separately?

its more about user paranoia.

 

[BrotherFrank]

You can verify your own passwords using a password manager or Google's password manager for leaked or repeated passwords. But if everyone did that, there'd be nothing to talk about.

It would also help if people used different passwords per site. I thought Codexers, being generally concerned about their privacy, would pay more attention to password hygiene but apparently not.

In theory yes, i should have a different password for everything i use, ideally some 12+ letter strong with symbols and caps and everything.

In practice? Maybe i’m just a retard but i struggle memorizing more then a handful of passwords and every time there was some bs forcing me to come up with new ones i end up forgetting it, necessiting me to have to write it down somewhere.
This is especially true for passwords i barely use.

This all ends up creating a far bigger security concern:the risk of misplacing where i store my password hoard, a far more likely scenario for me then getting hacked. Forcing me to come up with an even worst solution which is what i ended up doing with the codex codes: storing them on my email along with a helpful “codex codes” headline because otherwise i will forget down the line which codes access what.

Does this sound secure? Storing all my eggs in one basket like this where if anyone figured out my email they will get access to most of my passwords used for everything? This is why i loathe 2fa so much, it does not help secure my accounts at all, it just busts my balls for 0 gain.

Ooh but just use a password manager! Ok and what if something happens to my device? I’ve had my computer die on me and my hard drive getting wiped, losing every program and file on it. So no i do not trust relying on an external program managing my passwords because if something happens to that program i will be even more fucked then it someone figures out my email password.

It’s great you are able to juggle multiple individual passwords for everything you use, but if i remember the studies on this topic, the overwhelming majority of people are going to be like me unfortunately.

Make 2fa optional , if someone goes around deleting my posts i don’t think it would be that big a loss and i’ve never been one to care about post counts. I‘ll just shrug and make a new account at worst.

 

[KörangarTheMighty]

My choice would be either limit post deletion to something like 2 hours... Any legit need for post deletion could be asked of the mods by using the report post function.

Do it.

 

[tommy heavenly6]

In theory yes, i should have a different password for everything i use, ideally some 12+ letter strong with symbols and caps and everything.

In practice? Maybe i’m just a retard but i struggle memorizing more then a handful of passwords and every time there was some bs forcing me to come up with new ones i end up forgetting it, necessiting me to have to write it down somewhere.
This is especially true for passwords i barely use.

This all ends up creating a far bigger security concern:the risk of misplacing where i store my password hoard, a far more likely scenario for me then getting hacked. Forcing me to come up with an even worst solution which is what i ended up doin with the codex codes: storing them on my email along with a helpful “codex codes” headline because otherwise i will forget dowh the line which codes access what.

Does this sound secure? Storing all my eggs in one basket like this where if anyone figured out my email they will get access to most of my passwords used for everything? This is why i loathe 2fa so much, it does not help secure my accounts at all, it just busts my balls for 0 gain.

Ooh but just use a password manager! Ok and what if something happens to my device? I’ve had my computer die on me and my hard drive getting wiped, losing every program and file on it. So no i do not trust relying on an external program managing my passwords because if something happens to that program i will be even more fucked then it someone figures out my email password.

It’s great you are able to juggle multiple individual passwords for everything you use, but if i remember the studies on this topic, the overwhelming majority of people are going to be like me unfortunately.

Make 2fa optional , if someone goes around deleting my posts i don’t think it would be that big a loss and i’ve never been one to care about post counts. I‘ll just shrug and make a new account at worst.

You only need to memorize your email passwords. Note them on a sheet of paper if you have many. I don't even bother with memorizing passwords from sites, the browser does, and if for some reason I lose all the data and I don't remember shit, I can set a new password using the email recovering option. Which is why all the effort needs to go to your email stuff.

 

[Sherry]

Hi.

security! Security! SECURITY!

Gosh that was with 2fa just checked and thankfs the DEADFIRE discussion thread there still okay? Okay!"

Thanks,
Sherry

 

[Lady Error]

Thanks Sherry for your valuable input.